FreeBSD : vorbis-tools -- Speex header processing vulnerability (633716fa-1f8f-11dd-b143-0211d880e350)
High Nessus Plugin ID 32299
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
A vulnerability has been reported in vorbis-tools, which can potentially be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an input validation error when processing Speex headers, which can be exploited via a specially crafted Speex stream containing a negative 'modeID' field in the header.
Successful exploitation may allow execution of arbitrary code.
SolutionUpdate the affected package.